by ?
Written in Delphi
Released in July 2003
Made in China
Server: dropped files: c:\WINDOWS\SYSTEM\iplog.exe c:\WINDOWS\SYSTEM\ipsnow.exe c:\WINDOWS\sk.exe size: 245.825 bytes port: 5328 TCP startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "ipSnow" added: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\WinOlaApp "Disable" HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Network\LanMan\C$MegaSecurity